From 0261b673677cbc7136730c6ca51646f0126c56aa Mon Sep 17 00:00:00 2001
From: Benjamin Kaduk <kaduk@mit.edu>
Date: Tue, 15 Mar 2016 21:52:40 -0500
Subject: [PATCH] Update NEWS for 1.6.17

Release notes for OpenAFS 1.6.17

Change-Id: I47281bcdb6074a5ab6ba493abf86c1efb2227674
---
 NEWS | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/NEWS b/NEWS
index 803afd452..748c643ea 100644
--- a/NEWS
+++ b/NEWS
@@ -1,5 +1,32 @@
                        User-Visible OpenAFS Changes
 
+OpenAFS 1.6.17 (Security Release)
+
+  All server platforms
+
+    * Fix for OPENAFS-SA-2016-001: foreign users can create groups as
+      if they were an administrator (RT #132822) (CVE-2016-2860)
+
+  All client platforms
+
+    * Fix for OPENAFS-SA-2016-002: information leakage from sending
+      uninitialized memory over the network.  Multiple call sites
+      were vulnerable, with potential for leaking both kernel and
+      userland stack data (RT #132847)
+
+    * Update to the GCO CellServDB update from 01 January 2016 (12188)
+
+  Linux clients
+
+    * Fix a crash when the root volume is not found and dynroot is not
+      in use, a regression introduced in 1.6.14.1 (12166)
+
+    * Avoid introducing a dependency on the kernel-devel package corresponding
+      to the currently running system while building the srpm (12195)
+
+    * Create systemd unit files with mode 0644 instead of 0755
+      (12196) (RT #132662)
+
 OpenAFS 1.6.16
 
   All platforms
-- 
2.39.5